Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
silver vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2019-16103
Silver Peak EdgeConnect SD-WAN prior to 8.1.7.x allows privilege escalation (by administrators) from the menu to a root Bash OS shell via the spsshell feature.
Silver-peak Unity Edgeconnect Sd-wan Firmware 8.1.4.9 65644
801
VMScore
CVE-2010-4495
Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and S...
Tibco Activematrix Service Grid 3.0.1
Tibco Activematrix Bpm 1.0.1
Tibco Silver Bpm Service 1.0.1
Tibco Activematrix Service Grid 3.1.0
Tibco Activematrix Service Bus 3.0.0
Tibco Activematrix Service Bus 3.0.1
Tibco Activematrix Businessworks Service Engine 5.9.0
Tibco Activematrix Service Grid 3.0.0
Tibco Activematrix Bpm 1.0.2
Tibco Silver Cap Service 1.0.0
756
VMScore
CVE-2020-12148
A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an malicious user to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vul...
Arubanetworks Edgeconnect Enterprise
756
VMScore
CVE-2020-12149
The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an malicious user to manipulate the resulting command by injecting valid O...
Arubanetworks Edgeconnect Enterprise
755
VMScore
CVE-2008-2193
PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the site parameter.
Scorpnews Scorpnews 2.0
1 EDB exploit
685
VMScore
CVE-2008-0459
Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the update parameter.
Liquidsilvercms Liquidsilvercms 0.3
Liquidsilvercms Liquidsilvercms 0.35
1 EDB exploit
668
VMScore
CVE-2021-23274
The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack...
Tibco Api Exchange Gateway Distribution
Tibco Api Exchange Gateway
668
VMScore
CVE-2020-12145
Silver Peak Unity Orchestrator versions before 8.9.11+, 8.10.11+, or 9.0.1+ uses HTTP headers to authenticate REST API calls from localhost. This makes it possible to log in to Orchestrator by introducing an HTTP HOST header set to 127.0.0.1 or localhost. Orchestrator instances t...
Silver-peak Unity Orchestrator
668
VMScore
CVE-2019-16102
Silver Peak EdgeConnect SD-WAN prior to 8.1.7.x has an SNMP service with a public value for rocommunity and trapcommunity.
Silver-peak Unity Edgeconnect Sd-wan Firmware 8.1.4.9 65644
668
VMScore
CVE-2017-11496
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote malicious users to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.
Gemalto Sentinel Ldk Rte 2.10
Gemalto Sentinel Ldk Rte 7.50
Gemalto Sentinel Ldk Rte 3.0
Gemalto Sentinel Ldk Rte 7.1
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »